Method and system for determining point of sale authorization

ABSTRACT

According to an embodiment of the present invention, an automated computer implemented method and system for determining authorization for a point of sale transaction, wherein the method is executed by a programmed computer processor which communicates with a user via a communication network comprising receiving a point of sale authorization request for a transaction from a customer at a merchant, via a communication network; accessing profile data associated with one or more of the customer, an account associated with the customer and the merchant involved in the transaction; applying one or more rules to the authorization request wherein the one or more rules comprises one or more of credit rules and fraud rules; applying one or more scoring algorithm to the authorization request wherein the one or more scoring algorithm indicates an assessment of risk; determining an authorization response, via a programmed computer processor, based at least in part on a combination of profile data, the one or more applied rules and the one or more applied scoring algorithms; providing the authorization response for the transaction via the communication network.

CROSS-REFERENCE TO RELATED APPLICATION

This patent application claims priority to U.S. Provisional PatentApplication No. 61/360,960, filed Jul. 2, 2010, which is herebyincorporated by reference herein in its entirety.

FIELD OF THE INVENTION

The present invention relates generally to point of sale authorizations,and more specifically to a method and system for providing enhancedpoint of sale decisions for customers and providers where multiple datatypes are analyzed and considered in addressing each transaction.

BACKGROUND OF THE INVENTION

Currently, point of sale (POS) systems generally approve alltransactions and address fraudulent transactions well after thetransaction has been completed. Most merchants will more often than notapprove a majority of the transactions. If transactions are declined,they are declined without much intelligence. In determining whether toauthorize a transaction, the current systems usually only focus on onefactor: the customer's credit for that card, without regard to otherfactors and considerations. As a result, current systems do notaccurately authorize and decline transactions, which result ininefficiencies, approval of fraudulent charges and lost revenue.

Other drawbacks may also be present.

SUMMARY OF THE INVENTION

Accordingly, one aspect of the invention is to address one or more ofthe drawbacks set forth above. According to an embodiment of the presentinvention, an automated computer implemented method for determiningauthorization for a point of sale transaction, wherein the method isexecuted by a programmed computer processor which communicates with auser via a communication network, comprises the steps of: receiving apoint of sale authorization request for a transaction from a customer ata merchant, via a communication network; accessing profile dataassociated with one or more of the customer, an account associated withthe customer and the merchant involved in the transaction; applying oneor more rules to the authorization request wherein the one or more rulescomprises credit rules and fraud rules; applying one or more scoringalgorithm to the authorization request wherein the one or more scoringalgorithm indicates an assessment of risk; determining an authorizationresponse, via a programmed computer processor, based at least in part ona combination of profile data, the one or more applied rules and the oneor more applied scoring algorithms; providing the authorization responsefor the transaction via the communication network.

According to an exemplary embodiment of the present invention, anautomated computer implemented method and system for determiningauthorization for a point of sale transaction further comprises: whereinthe profile data comprises geographic location of one or more of thecustomer, the merchant and a card product associated with the customer;wherein the profile data comprises travel advisories and purchaseadvisories associated with the customer; wherein the one or more scoringalgorithm comprises credit risk and fraud risk; wherein the fraud riskis based on one or more of fraud events and fraud trends; wherein theone or more scoring algorithm comprises one or more of profitability,spend utilization and attrition; wherein the authorization responsecomprises one or more of memo on account, queue for credit review, queuefor fraud alert; wherein the authorization response comprises one ormore contact customer and flag account for suspected fraud; furthercomprising the step of generating one or more reports demonstratingdecision and action metrics associated with historic POS authorizations;and further comprising the step of storing data associated with thetransaction in an authorization log, wherein the data comprises theauthorization response.

According to an exemplary embodiment of the present invention, anautomated computer implemented system for determining authorization fora point of sale transaction comprises: an interface for receiving apoint of sale authorization request for a transaction from a customer ata merchant, via a communication network; a profile module for accessingprofile data associated with one or more of the customer, an accountassociated with the customer and the merchant involved in thetransaction; a rules module for applying one or more rules to theauthorization request wherein the one or more rules comprises creditrules and fraud rules; a scoring module for applying one or more scoringalgorithm to the authorization request wherein the one or more scoringalgorithm indicates an assessment of risk; and a decision engine fordetermining an authorization response, via a programmed computerprocessor, based at least in part on a combination of profile data, theone or more applied rules and the one or more applied scoringalgorithms; and for providing the authorization response for thetransaction via the communication network.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to facilitate a fuller understanding of the present inventions,reference is now made to the appended drawings. These drawings shouldnot be construed as limiting the present inventions, but are intended tobe exemplary only.

FIG. 1 is an exemplary diagram of a system for processing point of saleauthorization requests, according to an embodiment of the presentinvention.

FIG. 2 is an exemplary flowchart illustrating a method for processingpoint of sale authorization requests, according to an embodiment of thepresent invention.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENT(S)

An embodiment of the present invention is directed to an infrastructureto deliver optimal point of sale (POS) decisions for customers and otherusers. POS decisioning may include the ability to interact with acustomer in advance of an authorization request, during theauthorization decision process, and subsequent to an authorizationdecision. Interactions with the customer may occur via various modes ofcommunication, including in-person, merchant location, telephone,Internet, electronic communication, etc. An embodiment of the presentinvention improves the ability to make more accurate and well informeddecisions by providing predictive data and more precise rule sets.

An embodiment of the present invention is able to recognize customerprofile data card product type, merchant data, account data, geographicdata and/or other relevant information at the point of sale to provideaccurate and comprehensive decisioning. In addition, an embodiment ofthe present invention analyzes fraud data to recognize fraud trends andother behavior at the point of sale for each transaction. Thus, anembodiment of the present invention may balance the dimensions of creditand fraud risk, customer experience, the cost of delivering anappropriate POS authorization decision and/or other factors—all of whichmay be dynamic.

An embodiment of the present invention provides greater precision intransaction decisions. A method and system of an embodiment of thepresent invention may introduce a richer set of data into the decisionprocess (e.g., customer, card and merchant behavior profiles, etc.)Also, better controls and monitoring of strategizes may be realized.

An embodiment of the present invention may create, support, and leveragecomprehensive, time-based data views of customers, accounts, merchants,geographies, transactions and/or other data. According to an exemplaryembodiment, the system and method may provide tools and processes thatallow an entity to manage complex and evolving POS strategies via actsof configuration carried out by business analysts, strategy managersand/or other participants. An embodiment of the present invention mayprovide the ability to support rich, real-time analysis and reportingtools that inform managers and/or other participants on the health ofthe POS operating environment and the running performance of executingPOS strategies. An embodiment of the present invention may receiveinputs and send updates to a variety of source and target data storesand systems and may further incorporate data and notifications from newsources through an integration process.

For example, an embodiment of the present invention may recognize thecustomer, card and account at the point of sale and make comprehensiveintelligent decisions regarding the underlying transaction. In addition,an embodiment of the present invention may also consider merchant datarelated to the transaction as well as geographic data of the customer,merchant, card, etc. For instance, an embodiment of the presentinvention may recognize that a particular card present transactionoccurred in California and another subsequent card present transactionoccurred in New York a short time later (e.g., one hour, etc.) on thesame card. The geographic and temporal considerations would mark thistransaction as being improbable. In other words, fraud may be likelyinvolved.

According to another example, a customer's behavior may indicate anupcoming trip to Europe for two weeks. This may be evident by thecustomer's purchase of airline tickets and hotel reservations and/orother behavior. In another example, the customer may provide thisinformation to a system. Using this information, the system of thepresent invention may deny and/or flag any in person transaction thatoccurs in the U.S. or other area outside of Europe during the two weekperiod.

FIG. 1 is an exemplary diagram of a system for processing point of saleauthorization requests, according to an embodiment of the presentinvention. A system 100 of an embodiment of the present invention mayinclude a Decision Engine 120, which may be stand alone, hosted by anentity, such as a financial institution, service provider, bank, etc.For example, Decision Engine 120 may be affiliated or associated with afinancial institution, bank and/or other entity with POS authorizationconcerns. In an exemplary embodiment involving a financial institution,the financial institution may host or support Decision Engine 120. Inthis example, POS authorization decisioning in accordance with anembodiment of the present invention may appear to be performed byfinancial institution, as a single consolidated unit. According toanother example, Decision Engine 120 may be separate and distinct from afinancial institution. For example, a financial institution, or otherentity, may communicate to Decision Engine 120 via a network or othercommunication mechanism.

Point of Sale 110 may represent a point of sale location, such as amerchant location, online website and/or other purchasing interface. Amerchant or other intermediary may transmit an authorization requestfrom Point of Sale 110. An embodiment of the present invention mayprovide an interface for various transaction sources and controls forwhich data, scores and rules are applied. Association Interface 112 mayreceive an authorization message from a card association or otherintermediary or even directly from Point of Sale 110. AssociationInterface 112 may decrypt the message and convert the message to aninternal format. Association Interface 112 may manage priority ofmessages passed to Transaction Controller 114. For example, somemessages, such as association authorizations, may have higher priorityover other messages, such as pay float. According to another example,POS 110 may communicate directly or indirectly with Decision Engine 120.

Decision Engine 120 may perform various functions, such as dataenrichment, basic check execution, complex decisioning, profile update,decision result recordation, post activity request, and/or otherfunctions. Decision Engine 120 may access and communicate directly orindirectly with Scoring Module 130, Rules Module 132, Profiles Module134, Post Decision Activity Module 136, Authorization Log 140, Database142, Authorization Controls 146, and/or other modules and/or sources ofdata. Communication between each representative component may beelectronic, wireline, wireless and/or other mode of communication. Inaddition, Decision Engine 120 may have access to other sources of dataand/or data feeds that identify other metrics and/or information thatmay be relevant for POS authorization decisioning in accordance with thevarious embodiments of the present invention. While a singleillustrative block, module or component is shown, these illustrativeblocks, modules or components may be multiplied for various applicationsor different application environments. In addition, the modules orcomponents may be further combined into a consolidated unit. Otherarchitectures may be realized. The modules and/or components may befurther duplicated, combined and/or separated across multiple systems atlocal and/or remote locations.

Decision Engine 120 may access various sources of information to performcomprehensive decisioning on point of sale authorization requests fortransactions. For example, Decision Engine 120 may access and/ormaintain Database 142. Database 142 may include data, such as accountinformation, transaction activity, payment activity, and/or otherrelevant data for one or more accounts. While a single database isillustrated in the exemplary figure, the system may include multipledatabases at the same location or separated through multiple locations.The databases may be further combined and/or separated. In addition, thedatabases may be supported by a financial institution or an independentservice provider. For example, an independent service provider maysupport the one or more databases and/or other functionality at a remotelocation. Other architectures may be realized. The components of theexemplary system diagrams may be duplicated, combined, separated and/orotherwise modified, as desired by various applications of theembodiments of the present invention as well as different environmentsand platforms.

An embodiment of the present invention provides data access andintegration capabilities of data sources in a batch process, but also inreal time processes. The sources of data may range from data warehousestores, to other operational systems, mainframe or new variablescalculated mid authorization stream, but is not limited to this. Anembodiment of the present invention may hide details of specificphysical data payloads from business functions and allow new dataelements to be incorporated, created, and used by POS business functionswith rapid deployment, eliminating dependency on integrated technologyrelease management. Incorporation of new data from existing or newsources may also be included.

As illustrated by Scoring Module 130, an embodiment of the presentinvention provides scoring capabilities that provide assessment ofcredit risk, fraud risk, profitability, spend utilization, attrition,ability to contact, and/or other values and probabilities. For example,scores may represent an estimate for a prediction, such as probabilityof fraud or credit default. Scores may by represented by a numericalvalue or other indication of probability. Any authorization request mayinvolve the invocation of one or multiple scoring functions. Scoresproduced as outputs by one model or calculation may serve as inputs to asubsequently executed model, calculation or to the rules portion of thedecision. Scores related to a particular authorization request may becalculated before, during, or after the authorization response processand in batch, real-time and/or other operational modes. An embodiment ofthe present invention allows for the rapid deployment of new scoringcalculations as well as the easy incorporation of new data elements andsources into the scoring environment.

An embodiment of the present invention may consider fraud data andtrends in the POS authorization decisioning process. For example, anembodiment of the present invention may have access to monitoring datarelated to fraud events and the ability to recognize fraud trends andapply these trends to the decisioning process.

As illustrated by Rules Module 132, an embodiment of the presentinvention provides a business-friendly environment for the development,testing, and deployment of various business rules and business functionsfor POS decision strategies. For example, rules may be used forsegmentation. Rules may identify what spend level a customer belongs to,payment behavior, transaction type (e.g., card present, card notpresent), where the customer prefers to shop, types of transactions(e.g., merchant, Internet, restaurants, entertainment, etc.) and/orother segmentation. Also, rules may be applied to scores to translateprobability into one or more actions concerning the transaction, such asapprove, defer, decline, customer review, other action and/orcombination thereof.

Segmentation data produced by rules may be used to identify and avoidfraudulent charges. For example, a merchant may be an Internet onlymerchant, which means that the merchant only conducts onlinetransactions. If a card present transaction for this particular Internetonly merchant shows up on a customer's card, this purchase may indicatea fraudulent activity. In response, an appropriate action may involveflagging or banning all card present transactions at this Internet onlymerchant. Also, the actions may consider risk assessments. For example,if a possible fraudulent activity is detected, all transactions may bebanned at a merchant with high risk whereas all transactions may beapproved at a merchant with low risk. For the merchant with low risk, acustomer contact for confirmation may be initiated for the approvedtransactions.

Any given authorization request may utilize rule execution prior to,subsequent to and/or simultaneously with score execution. An embodimentof the present invention may allow rule changes and updates to beapplied to the production environment, through a controlled process, ona daily or other basis. Business rules and functions may supportarithmetic and logical operators as well as mathematical, statistical,string and/or other functions. Rules may be callable from other rulesand it may be possible to invoke multiple rule sets in response to asingle authorization. Additionally, rules may initiate actions onoperational systems. Targeted actions may include but are not limitedto: account blocking, recording information in support of futuredecisions, queuing a transaction for review by an operational process,initiating customer communication or customer treatments and/or otheractions.

As illustrated by Profiles Module 134, an embodiment of the presentinvention may access profile information, such as customer data,customer preference, card product data, merchant data, account data,geographic information and/or other data. An embodiment of the presentinvention may provide or be able to leverage a data storage environmentcapable of hosting operational data profiles representing Account,Customer, Card, Merchant, Customer Geography, and Transaction businessentities for use by POS strategies. Profiles may accept updates on timeintervals ranging from monthly (e.g., account cycle, etc.) to daily to,in some cases, sub-second (e.g., transactional, etc.).

Profile data may include data related to card, account, customer,merchant, geography, card merchant, account/merchant,account/geographic, non-authorization profile updates, specialtyprofiles, etc. Customer profile may include variables defined at thecustomer level including credit line, balance, status, tenure, paymentbehavior, outstanding authorizations, cash line, cash balance, balancetransfer/convenience check (BT/CC) balance, number of cards, product,relationship, customer value, average number of transactions per day,average spend per cycle, max spend per day, max spend per cycle, andother variables.

For example, an embodiment of the present invention may recognize that asingle account may be associated with multiple card products, withdifferent account numbers and even different names (e.g., members of afamily). POS authorization decisions may consider a customer's cardbehavior relative to a particular card product as well as other activityassociated with other cards and accounts. For example, a customer's cardactivity may be considered as well as the customer's spouse's activityon a different card product and/or other cards associated with theaccount (e.g., daughter's debit card, etc.).

Various identifiers, such as card number, zip code, merchant name,merchant ID and/or other data may be used to identify associatedprofiles and authorization controls. For example, a card number may beused to identify customer's card, type of card, account and customerprofiles. Zip code may be used to identify a geography profile. Merchantname and/or identifier may be used to access a merchant profile.Intersection profiles, such as card/merchant, card/geography, may alsobe identified. For example, a card/geography interaction profile mayconsider where a card has been used and relevant activity in thatparticular location. In this example, whether the card has been used ina particular geographic location may be considered. A risk assessmentmay be performed or determined on the geographic location. For example,a customer may reside in Delaware. It may be determined by his profileand other data that he does not travel beyond the east coast. If a cardpresent transaction is detected in California, an embodiment of thepresent invention may determined that this particular card has neverbeen to California. It may also determined that the merchant inCalifornia involved in the transaction has a higher than normal fraudrate. With these factors in consideration, an embodiment of the presentinvention may then determine an appropriate action, such as deny and/orflag the potential fraudulent activity. Associated records fromauthorization control tables may also be identified, such as yellowflags, travel advisories, purchase advisories, safe zones, guaranteedapproval, etc.

An embodiment of the present invention may focus on the card and trackwhere it is being used. This data may be used to create and/or refine acustomer's profile data. For example, a customer residing in 12345 zipcode may use the card at a particular restaurant. By applying a fraudrule, the system may recognize that other customers living in that samezip code also dine at that restaurant and thereby deem thosetransactions valid. The system may continue to monitor the customer'sbehavior and continue to approve transactions within the recognized zipcode. If transactions start showing up in other locations, thosetransactions may be flagged or declined. As the system develops andrefines the customer's profile, the system may recognize that thecustomer visits family two hours away each month. The system mayrecognize this as a safe zone and authorize all transactions in thatarea during the recognized time frame. The system may also recognizethat families travel more often during the summer months when school isout of session. So, for the summer months, the system will approve moretransactions outside the local zip code. Also, the system may recognizethat the customer travels to San Francisco every August. Accordingly,these transactions will be authorized in this location during the traveltime period. According to another example, an embodiment of the presentinvention may recognize business travels where the customer makes traveland hotel arrangements for himself or herself, without additional familymembers. Also, a customer may have a designated business card productfor business purchases. An embodiment of the present invention mayrecognize that different geographies are more likely for business travelas opposed to personal travel. Accordingly, those business relatedpurchases will more likely be approved, even if occurring in variousgeographic locations. Other variations and applications may be applied.

An embodiment of the present invention may view data that could havebeen used to decision an authorization at the time of processing, notjust the data that was actually used by the rules sets that wereexecuted. Capturing all the data as part of the decision log permits anembodiment of the present invention to easily simulate the impact of newrules and scores.

Database 142 may support a complete record of data used to process anauthorization request or other decision type as well as a complete traceof rules and scores used in the process. Information captured andretained as the result of an authorization decision may be available foruse by analytic and operational processes. Database 142 may also receiveExternal Data 144 from various sources. While a single block is shown,external data may represent multiple sources of data. For example,Database 142 may receive good indicators, bad indicators as well asneutral indicators. Good indicators may include recency of payments,time passed with no fraudulent activities, etc. Bad indicators mayinclude fraud reported by customers, lack of payment from customer,missed or late payments, loss of income, etc. Other data may includefraud occurring elsewhere, notifications from merchants, police reports,credit bureau reports, reports from other entities (e.g., issuers, loanagencies, etc.), macro economic data (e.g., state of unemployment, stockmarket, etc.) and/or other data. Data from financial institutions mayalso be used. For example, a customer may have an automatic deposit withan employer twice a month. If the automatic deposit has been terminated,the customer's credit default risk may increase. Partner data fromvarious entities (e.g., travel and entertainment agencies) may also bereceived. This data may be used to identify travel patterns and othercustomer behavior data.

As illustrated by Reports Module 136, an embodiment of the presentinvention may provide and/or support real-time dashboards, standardreports, and ad hoc queries and reports that present metrics on theoverall health and performance of the technical operating environment aswell as the decision and action metrics of executing POS strategies.Dashboard, reporting, and query capabilities may be accessible by abroad range of analytic and operational stakeholders including IT,Strategy Management, Marketing and/or other entities. The ManagementInformation System (MIS) metrics set may be extensible via businessconfiguration or development processes. An embodiment of the presentinvention may support high-level summarization and drill-down across aconfigurable range of dimensions and filters including but not limitedto customer, account, product, business unit, transaction type, merchantand/or other factors. An embodiment of the present invention may supporttemporal aggregation intervals ranging from seconds through minutes,hours, days, weeks, and months to yearly aggregations. An embodiment ofthe present invention may also provide an environment that allowsbusiness strategy managers to define Event Detection Rules that may bemonitored and enforced by the Analytic Data Storage environment and thencommunicated to the Decision Engine environment for handling by POSstrategies and rules. Defined events to be supported may includecustomer spending outside of normal geographic and merchant footprints,spending velocity pattern changes, and other “out-of-band” behaviorsthat may be defined over Customer, Account, and/or Merchant datafootprints.

A user may access the Reports Module 136 via a user interface. Reportsand other outputs may be transmitted via wireless communication toremote devices. Users may program and execute customized reports on aperiodic basis or by request. Other variations and implementations maybe realized.

Post Activity Module 138 may provide various actions for execution.Exemplary actions may include the following: memo on account, queue forcredit review, queue for fraud review, contact customer, flag theaccount for suspected fraud, e.g., yellow flag, trigger an alert, etc.

Authorization Log 140 may store authorization history data and trackdecisions made by Decision Engine 120. For some transactions, DecisionEngine 120 may access Authorization Log 140 to perform comparisons toattributes of current transactions. This may be particularly relevant toVelocity and Distance checks. Velocity may refer to the frequency ofspend over a given period of time for similar transactions. For Velocitychecks, an embodiment of the present invention may look for matches withcurrent authorization. For example, multiple transactions of the sametype at a high volume may indicate potential fraudulent behavior, suchas purchasing ten plasma televisions within a 4 hour window. The rulesmay provide what types of matches to make, based on logic that wascoded, e.g., match by merchant, MCC, POS entry mode, amount rage, etc.Distance may refer to the distance of the current transaction from thelast transactions. For Distance checks, an embodiment of the presentinvention may return the sequence of zip codes for the requested timeperiod. For example, an embodiment of the present invention may flag atransaction made in New York and a subsequent transaction made inCalifornia within a short time frame, such as 4 hours, for fraud basedon the location and time between transactions.

Once a decision has been returned, various data, including logs,profiles, etc., may be updated through Authorization Controls 146.

According to another embodiment of the present invention, DecisionEngine 120 may host a website or other electronic interface, where usersmay access data as well as provide data. For example, a financialinstitution, merchant and/or other entity may access information throughan interface to view data, submit requests, provide data and/or performother actions.

FIG. 2 is an exemplary flowchart illustrating a method for processingpoint of sale authorization requests, according to an embodiment of thepresent invention. At step 210, a POS authorization request may bereceived from a merchant or other entity. At step 212, profile data maybe retrieved in response to the POS authorization request. At step 214,one or more rules may be applied. At step 216, one or more scoringalgorithms may be applied. At step 218, an authorization response may bedetermined. At step 220, post decision activity may be performed. Also,feedback loop 222 may be implemented to further revise and refineprofile data and/or other information. The order illustrated in FIG. 2is merely exemplary. While the process of FIG. 2 illustrates certainsteps performed in a particular order, it should be understood that theembodiments of the present invention may be practiced by adding one ormore steps to the processes, omitting steps within the processes and/oraltering the order in which one or more steps are performed. These stepswill be described in greater detail below.

At step 210, a POS authorization request may be received from a merchantor other entity. The authorization request may be received from merchantlocation or other location for making a transaction.

At step 212, profile data may be retrieved in response to the POSauthorization request. Profile data may include data associated with thecustomer, account and merchant. Other profile data may includegeographic data indicating where the transaction is taking place as wellas where the customer is currently located.

At step 214, one or more rules may be applied. Rules may include creditrules and fraud rules. An embodiment of the present invention mayconsiders both credit and fraud factors in authorizing a transaction.For example, rules may identify segmentation data, such as customerspend data, transaction type, payment behavior, etc. While Apply Rulesstep 214 is illustrated in this exemplary diagram as occurring beforeApply Scoring Algorithm step 216, step 214 can occur after, before oreven concurrently with step 216. Other variations in the order of thesteps illustrated in FIG. 2 may be realized.

At step 216, one or more scoring algorithms may be applied. The scoringalgorithms may represent the risk involved in the transaction, such asfraud, credit default and/or other risk associated with a transaction.Other risk may include profitability, spend utilization, attrition andother types of risk.

At step 218, an authorization response may be determined. Based on thecomprehensive data, an embodiment of the present invention may make awell decisioned determination for the POS authorization request. Forexample, profile data, including customer data, account data, merchantdata and/or other data may considered. Risk assessment, includinglikelihood for fraud and/or credit default, may be considered in how toauthorize a transaction. Other external sources of data may also beinvolved in determining POS authorization.

At step 220, post decision activity may be performed. Additionalresearch and reporting may be performed, for example. In addition, theoutput may be considered in revising the rules and algorithms discussedabove. A feedback loop may be implemented at step 222. For example, thecustomer's profile may be updated. If the customer is not fitting acertain profile or model, a customer contact may be initiated toarbitrate a questionable transaction. Based on the customer feedback,the customer's profile may be updated. According to another example, acustomer questionnaire may be forwarded or requested to gather moreaccurate information.

While the exemplary embodiments illustrated herein may show the variousembodiments of the invention (or portions thereof) collocated, it is tobe appreciated that the various components of the various embodimentsmay be located at distant portions of a distributed network, such as alocal area network, a wide area network, a telecommunications network,an intranet and/or the Internet, or within a dedicated object handlingsystem. Thus, it should be appreciated that the components of thevarious embodiments may be combined into one or more devices orcollocated on a particular node of a distributed network, such as atelecommunications network, for example. As will be appreciated from thefollowing description, and for reasons of computational efficiency, thecomponents of the various embodiments may be arranged at any locationwithin a distributed network without affecting the operation of therespective system.

Data and information maintained by Decision Engine 120 may be stored andcataloged in Database 142 which may comprise or interface with asearchable database. Database 142 may comprise, include or interface toa relational database. Other databases, such as a query format database,a Standard Query Language (SQL) format database, a storage area network(SAN), or another similar data storage device, query format, platform orresource may be used. Database 142 may comprise a single database or acollection of databases, dedicated or otherwise. In one embodiment,Database 142 may store or cooperate with other databases to store thevarious data and information described herein. In some embodiments,Database 142 may comprise a file management system, program orapplication for storing and maintaining data and information used orgenerated by the various features and functions of the systems andmethods described herein. In some embodiments, Database 142 may store,maintain and permit access to customer information, transactioninformation, account information, and general information used toprocess transactions as described herein. In some embodiments, Database142 is connected directly to Decision Engine 120, which, in someembodiments, it is accessible through a network, such as communicationnetwork, for example.

Communications network may be comprised of, or may interface to any oneor more of, the Internet, an intranet, a Personal Area Network (PAN), aLocal Area Network (LAN), a Wide Area Network (WAN), a Metropolitan AreaNetwork (MAN), a storage area network (SAN), a frame relay connection,an Advanced Intelligent Network (AIN) connection, a synchronous opticalnetwork (SONET) connection, a digital T1, T3, E1 or E3 line, a DigitalData Service (DDS) connection, a Digital Subscriber Line (DSL)connection, an Ethernet connection, an Integrated Services DigitalNetwork (ISDN) line, a dial-up port such as a V.90, a V.34 or a V.34bisanalog modem connection, a cable modem, an Asynchronous Transfer Mode(ATM) connection, a Fiber Distributed Data Interface (FDDI) connection,or a Copper Distributed Data Interface (CDDI) connection.

Communications network may also comprise, include or interface to anyone or more of a Wireless Application Protocol (WAP) link, a GeneralPacket Radio Service (GPRS) link, a Global System for MobileCommunication (GSM) link, a Code Division Multiple Access (CDMA) link ora Time Division Multiple Access (TDMA) link such as a cellular phonechannel, a Global Positioning System (GPS) link, a cellular digitalpacket data (CDPD) link, a Research in Motion, Limited (RIM) duplexpaging type device, a Bluetooth radio link, or an IEEE 802.11-basedradio frequency link. Communications network 107 may further comprise,include or interface to any one or more of an RS-232 serial connection,an IEEE-1394 (Firewire) connection, a Fibre Channel connection, aninfrared (IrDA) port, a Small Computer Systems Interface (SCSI)connection, a Universal Serial Bus (USB) connection or another wired orwireless, digital or analog interface or connection.

In some embodiments, communication network may comprise a satellitecommunications network, such as a direct broadcast communication system(DBS) having the requisite number of dishes, satellites andtransmitter/receiver boxes, for example. Communications network may alsocomprise a telephone communications network, such as the Public SwitchedTelephone Network (PSTN). In another embodiment, communication network120 may comprise a Personal Branch Exchange (PBX), which may furtherconnect to the PSTN.

In some embodiments, Decision Engine 120 may include any terminal (e.g.,a typical home or personal computer system, telephone, personal digitalassistant (PDA) or other like device) whereby a user may interact with anetwork, such as communications network that is responsible fortransmitting and delivering data and information used by the varioussystems and methods described herein. Decision Engine 120 may include,for instance, a personal or laptop computer, a telephone, or PDA.Decision Engine 120 may include a microprocessor, a microcontroller orother general or special purpose device operating under programmedcontrol. Decision Engine 120 may further include an electronic memorysuch as a random access memory (RAM) or electronically programmable readonly memory (EPROM), a storage such as a hard drive, a CDROM or arewritable CDROM or another magnetic, optical or other media, and otherassociated components connected over an electronic bus, as will beappreciated by persons skilled in the art. Decision Engine 120 may beequipped with an integral or connectable cathode ray tube (CRT), aliquid crystal display (LCD), electroluminescent display, a lightemitting diode (LED) or another display screen, panel or device forviewing and manipulating files, data and other resources, for instanceusing a graphical user interface (GUI) or a command line interface(CLI). Decision Engine 120 may also include a network-enabled appliance,a browser-equipped or other network-enabled cellular telephone, oranother TCP/IP client or other device.

As described above, FIG. 1 shows embodiments of a system of theinvention. The system of the invention or portions of the system of theinvention may be in the form of a “processing machine,” such as ageneral purpose computer, for example. As used herein, the term“processing machine” is to be understood to include at least oneprocessor that uses at least one memory. The at least one memory storesa set of instructions. The instructions may be either permanently ortemporarily stored in the memory or memories of the processing machine.The processor executes the instructions that are stored in the memory ormemories in order to process data. The set of instructions may includevarious instructions that perform a particular task or tasks, such asthose tasks described above in the flowcharts. Such a set ofinstructions for performing a particular task may be characterized as aprogram, software program, or simply software.

As noted above, the processing machine executes the instructions thatare stored in the memory or memories to process data. This processing ofdata may be in response to commands by a user or users of the processingmachine, in response to previous processing, in response to a request byanother processing machine and/or any other input, for example. Asdescribed herein, a module performing functionality may comprise aprocessor and vice-versa.

As noted above, the processing machine used to implement the inventionmay be a general purpose computer. However, the processing machinedescribed above may also utilize any of a wide variety of othertechnologies including a special purpose computer, a computer systemincluding a microcomputer, mini-computer or mainframe for example, aprogrammed microprocessor, a micro-controller, a peripheral integratedcircuit element, a CSIC (Customer Specific Integrated Circuit) or ASIC(Application Specific Integrated Circuit) or other integrated circuit, alogic circuit, a digital signal processor, a programmable logic devicesuch as a FPGA, PLD, PLA or PAL, or any other device or arrangement ofdevices that is capable of implementing the steps of the process of theinvention.

It is appreciated that in order to practice the method of the inventionas described above, it is not necessary that the processors and/or thememories of the processing machine be physically located in the samegeographical place. That is, each of the processors and the memoriesused in the invention may be located in geographically distinctlocations and connected so as to communicate in any suitable manner.Additionally, it is appreciated that each of the processor and/or thememory may be composed of different physical pieces of equipment.Accordingly, it is not necessary that the processor be one single pieceof equipment in one location and that the memory be another single pieceof equipment in another location. That is, it is contemplated that theprocessor may be two pieces of equipment in two different physicallocations. The two distinct pieces of equipment may be connected in anysuitable manner. Additionally, the memory may include two or moreportions of memory in two or more physical locations.

To explain further, processing as described above is performed byvarious components and various memories. However, it is appreciated thatthe processing performed by two distinct components as described abovemay, in accordance with a further embodiment of the invention, beperformed by a single component. Further, the processing performed byone distinct component as described above may be performed by twodistinct components. In a similar manner, the memory storage performedby two distinct memory portions as described above may, in accordancewith a further embodiment of the invention, be performed by a singlememory portion. Further, the memory storage performed by one distinctmemory portion as described above may be performed by two memoryportions.

Further, various technologies may be used to provide communicationbetween the various processors and/or memories, as well as to allow theprocessors and/or the memories of the invention to communicate with anyother entity; e.g., so as to obtain further instructions or to accessand use remote memory stores, for example. Such technologies used toprovide such communication might include a network, the Internet,Intranet, Extranet, LAN, an Ethernet, or any client server system thatprovides communication, for example. Such communications technologiesmay use any suitable protocol such as TCP/IP, UDP, or OSI, for example.

As described above, a set of instructions is used in the processing ofthe invention. The set of instructions may be in the form of a programor software. The software may be in the form of system software orapplication software, for example. The software might also be in theform of a collection of separate programs, a program module within alarger program, or a portion of a program module, for example Thesoftware used might also include modular programming in the form ofobject oriented programming. The software tells the processing machinewhat to do with the data being processed.

Further, it is appreciated that the instructions or set of instructionsused in the implementation and operation of the invention may be in asuitable form such that the processing machine may read theinstructions. For example, the instructions that form a program may bein the form of a suitable programming language, which is converted tomachine language or object code to allow the processor or processors toread the instructions. That is, written lines of programming code orsource code, in a particular programming language, are converted tomachine language using a compiler, assembler or interpreter. The machinelanguage is binary coded machine instructions that are specific to aparticular type of processing machine, i.e., to a particular type ofcomputer, for example. The computer understands the machine language.

Any suitable programming language may be used in accordance with thevarious embodiments of the invention. Illustratively, the programminglanguage used may include assembly language, Ada, APL, Basic, C, C++,COBOL, dBase, Forth, Fortran, Java, Modula-2, Pascal, Prolog, REXX,Visual Basic, and/or JavaScript, for example. Further, it is notnecessary that a single type of instructions or single programminglanguage be utilized in conjunction with the operation of the system andmethod of the invention. Rather, any number of different programminglanguages may be utilized as is necessary or desirable.

Also, the instructions and/or data used in the practice of the inventionmay utilize any compression or encryption technique or algorithm, as maybe desired. An encryption module might be used to encrypt data. Further,files or other data may be decrypted using a suitable decryption module,for example.

As described above, the invention may illustratively be embodied in theform of a processing machine, including a computer or computer system,for example, that includes at least one memory. It is to be appreciatedthat the set of instructions, i.e., the software for example, thatenables the computer operating system to perform the operationsdescribed above may be contained on any of a wide variety of media ormedium, as desired. Further, the data that is processed by the set ofinstructions might also be contained on any of a wide variety of mediaor medium. That is, the particular medium, i.e., the memory in theprocessing machine, utilized to hold the set of instructions and/or thedata used in the invention may take on any of a variety of physicalforms or transmissions, for example. Illustratively, the medium may bein the form of paper, paper transparencies, a compact disk, a DVD, anintegrated circuit, a hard disk, a floppy disk, an optical disk, amagnetic tape, a RAM, a ROM, a PROM, a EPROM, a wire, a cable, a fiber,communications channel, a satellite transmissions or other remotetransmission, as well as any other medium or source of data that may beread by the processors of the invention.

Further, the memory or memories used in the processing machine thatimplements the invention may be in any of a wide variety of forms toallow the memory to hold instructions, data, or other information, as isdesired. Thus, the memory might be in the form of a database to holddata. The database might use any desired arrangement of files such as aflat file arrangement or a relational database arrangement, for example.

In the system and method of the invention, a variety of “userinterfaces” may be utilized to allow a user to interface with theprocessing machine or machines that are used to implement the invention.As used herein, a user interface includes any hardware, software, orcombination of hardware and software used by the processing machine thatallows a user to interact with the processing machine. A user interfacemay be in the form of a dialogue screen for example. A user interfacemay also include any of a mouse, touch screen, keyboard, voice reader,voice recognizer, dialogue screen, menu box, list, checkbox, toggleswitch, a pushbutton or any other device that allows a user to receiveinformation regarding the operation of the processing machine as itprocesses a set of instructions and/or provide the processing machinewith information. Accordingly, the user interface is any device thatprovides communication between a user and a processing machine. Theinformation provided by the user to the processing machine through theuser interface may be in the form of a command, a selection of data, orsome other input, for example.

As discussed above, a user interface is utilized by the processingmachine that performs a set of instructions such that the processingmachine processes data for a user. The user interface is typically usedby the processing machine for interacting with a user either to conveyinformation or receive information from the user. However, it should beappreciated that in accordance with some embodiments of the system andmethod of the invention, it is not necessary that a human user actuallyinteract with a user interface used by the processing machine of theinvention. Rather, it is contemplated that the user interface of theinvention might interact, i.e., convey and receive information, withanother processing machine, rather than a human user. Accordingly, theother processing machine might be characterized as a user. Further, itis contemplated that a user interface utilized in the system and methodof the invention may interact partially with another processing machineor processing machines, while also interacting partially with a humanuser.

Further, although the embodiments of the present inventions have beendescribed herein in the context of a particular implementation in aparticular environment for a particular purpose, those of ordinary skillin the art will recognize that its usefulness is not limited thereto andthat the embodiments of the present inventions can be beneficiallyimplemented in any number of environments for any number of purposes.Accordingly, the claims set forth below should be construed in view ofthe full breadth and spirit of the embodiments of the present inventionsas disclosed herein.

What is claimed is:
 1. An automated computer implemented method fordetermining authorization for a point of sale transaction, wherein themethod is executed by a programmed computer processor which communicateswith a user via a communication network, the method comprising the stepsof: receiving, via an interface, a point of sale authorization requestfor a transaction from a customer at a merchant, via a communicationnetwork; accessing, via a profile module comprising at least onecomputer processor, profile data associated with the customer and anaccount associated with the customer, wherein the profile data comprisesgeographic data associated with the customer, the merchant and a cardproduct associated with the customer and risk assessment relevant to acorresponding geographic location; accessing, via the profile module,merchant profile data associated with the merchant involved in thetransaction; applying, via a rules module comprising at least onecomputer processor, one or more rules to the authorization requestwherein the one or more rules comprises credit rules and fraud ruleswherein the fraud rules use the geographic data to identify potentialfraud; applying, via a scoring module comprising at least one computerprocessor, one or more scoring algorithm to the authorization requestwherein the one or more scoring algorithm indicates an assessment ofrisk; determining an authorization response, via a decision enginecomprising at least one computer processor, based at least in part on acombination of profile data, the one or more applied rules and the oneor more applied scoring algorithms; and providing the authorizationresponse for the transaction via the communication network.
 2. Themethod of claim 1, wherein the profile data comprises travel advisoriesand purchase advisories associated with the customer.
 3. The method ofclaim 1, wherein the one or more scoring algorithm comprises credit riskand fraud risk.
 4. The method of claim 3, wherein the fraud risk isbased on one or more of fraud events and fraud trends.
 5. The method ofclaim 1, wherein the one or more scoring algorithm comprises one or moreof profitability, spend utilization and attrition.
 6. The method ofclaim 1, wherein the authorization response comprises one or more ofmemo on account, queue for credit review, queue for fraud alert.
 7. Themethod of claim 1, wherein the authorization response comprises one ormore contact customer and flag account for suspected fraud.
 8. Themethod of claim 1, further comprising the step of: generating one ormore reports demonstrating decision and action metrics associated withhistoric POS authorizations.
 9. The method of claim 1, furthercomprising the step of: storing data associated with the transaction inan authorization log, wherein the data comprises the authorizationresponse.
 10. An automated computer implemented system for determiningauthorization for a point of sale transaction, the system comprising: aninterface configured to receive a point of sale authorization requestfor a transaction from a customer at a merchant, via a communicationnetwork; a profile module, comprising at least one computer processor,configured to access profile data associated with the customer and anaccount associated with the customer wherein the profile data comprisesgeographic data associated with the customer, the merchant and a cardproduct associated with the customer and risk assessment relevant to acorresponding geographic location; further configured to access merchantprofile data associated with and the merchant involved in thetransaction; a rules module, comprising at least one computer processor,configured to apply one or more rules to the authorization requestwherein the one or more rules comprises credit rules and fraud ruleswherein the fraud rules use the geographic data to identify potentialfraud; a scoring module, comprising at least one computer processor,configured to apply one or more scoring algorithm to the authorizationrequest wherein the one or more scoring algorithm indicates anassessment of risk; and a decision engine, comprising at least onecomputer processor, configured to determine an authorization responsebased at least in part on a combination of profile data, the one or moreapplied rules and the one or more applied scoring algorithms; andfurther configured to provide the authorization response for thetransaction via the communication network.
 11. The system of claim 9,wherein the profile data comprises travel advisories and purchaseadvisories associated with the customer.
 12. The system of claim 9,wherein the one or more scoring algorithm comprises credit risk andfraud risk.
 13. The system of claim 12, wherein the fraud risk is basedon one or more of fraud events and fraud trends.
 14. The system of claim9, wherein the one or more scoring algorithm comprises one or more ofprofitability, spend utilization and attrition.
 15. The system of claim9, wherein the authorization response comprises one or more of memo onaccount, queue for credit review, queue for fraud alert.
 16. The systemof claim 9, wherein the authorization response comprises one or morecontact customer and flag account for suspected fraud.
 17. The system ofclaim 9, further comprising: a reports module for generating one or morereports demonstrating decision and action metrics associated withhistoric POS authorizations.
 18. The system of claim 9, furthercomprising: an authorization log for storing data associated with thetransaction, wherein the data comprises the authorization response.